Content protection or digital rights management (DRM) allows content creators and content distributors to control access to content and prevent unauthorized use and piracy. Content creators often supply content, such as media content (e.g., music, pictures, and movies), to content distributors in an unprotected form (i.e., the content has no DRM or other protection scheme applied to it). Content distributors typically select and apply a DRM scheme to the content to prevent unauthorized use of the content by an end user. A DRM scheme typically includes a way to define usage conditions, generally referred to herein as a license, an encryption algorithm, and corresponding cryptographic material (e.g., decryption keys). The license defines operations that may be performed on the content, and operations that are not explicitly allowed in the license are usually assumed to be unauthorized. The encryption algorithm is used to encrypt the content as a way to enforce the license. For example, a user may download a trial version of a song that has a license allowing the user to play the song track for one week. At the end of the week, the user can no longer play the song track because a compliant implementation of a media player will refuse to play a song track with an expired license. Non-compliant implementations or other users (e.g. hackers who may intercept the download of the song) cannot access the content because they do not have the proper decryption keys (i.e., the corresponding cryptographic material).
End users increasingly download content from distributors such as iTunes, YahooMusic, and CinemaNow. These users often prefer that downloaded content will play on multiple devices (e.g., a computer, a television set top box, and a portable media player). However, in some formats, content is only compatible with certain devices.
An existing solution is to bridge content between devices. Bridging involves a first device that supports the content protection scheme of a content item (i.e., a first content protection scheme) converting the content to a second protection scheme which is supported by a second device. Converting involves decrypting the content of the content item with an encryption algorithm and cryptographic material of the first protection scheme and encrypting the content with an encryption algorithm and cryptographic material of the second protection scheme. This is known in the art as transcryption, and it may only occur if explicitly allowed in a license of the content item or implicitly allowed by a system-wide policy of the first content protection scheme. In addition, the license of the first protection scheme must be converted to a license of the second protection scheme which is referred to in the art as rights mapping. Once both content transcryption and rights mapping have occurred in accordance with applicable policies, the content can be transmitted or transferred from the first device to the second device via a network or other connection between the first and second devices (e.g., a wired or wireless home network).
Bridging has some limitations: the computational burden of transcryption and rights mapping may fall on a device that has limited processing power and/or storage capability; the device called upon to perform the transcryption and rights mapping may not be available at the time the user makes a transfer or playback request which would initiate bridging; and content distributors have limited control over the capability of devices to convert content from one content protection scheme to another.